@devramps/cli 0.1.15 → 0.1.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +30 -1
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -2064,7 +2064,17 @@ function buildOrgRolePolicies(orgSlug) {
|
|
|
2064
2064
|
"ecr:PutImage",
|
|
2065
2065
|
"ecr:InitiateLayerUpload",
|
|
2066
2066
|
"ecr:UploadLayerPart",
|
|
2067
|
-
"ecr:CompleteLayerUpload"
|
|
2067
|
+
"ecr:CompleteLayerUpload",
|
|
2068
|
+
"ecr:DescribeRepositories"
|
|
2069
|
+
],
|
|
2070
|
+
Resource: "*"
|
|
2071
|
+
},
|
|
2072
|
+
{
|
|
2073
|
+
Sid: "AllowS3ArtifactBuckets",
|
|
2074
|
+
Effect: "Allow",
|
|
2075
|
+
Action: [
|
|
2076
|
+
"s3:ListBucket",
|
|
2077
|
+
"s3:GetBucketLocation"
|
|
2068
2078
|
],
|
|
2069
2079
|
Resource: "*"
|
|
2070
2080
|
}
|
|
@@ -2442,6 +2452,25 @@ function buildStageTrustPolicy(accountId, orgSlug, pipelineSlug, oidcProviderUrl
|
|
|
2442
2452
|
}
|
|
2443
2453
|
function buildStagePolicies(steps, additionalPolicies) {
|
|
2444
2454
|
const policies = [];
|
|
2455
|
+
policies.push({
|
|
2456
|
+
PolicyName: "DevRampsValidationPolicy",
|
|
2457
|
+
PolicyDocument: {
|
|
2458
|
+
Version: "2012-10-17",
|
|
2459
|
+
Statement: [
|
|
2460
|
+
{
|
|
2461
|
+
Sid: "AllowResourceValidation",
|
|
2462
|
+
Effect: "Allow",
|
|
2463
|
+
Action: [
|
|
2464
|
+
"ecr:DescribeRepositories",
|
|
2465
|
+
"s3:ListBucket",
|
|
2466
|
+
"s3:GetBucketLocation",
|
|
2467
|
+
"cloudwatch:DescribeAlarms"
|
|
2468
|
+
],
|
|
2469
|
+
Resource: "*"
|
|
2470
|
+
}
|
|
2471
|
+
]
|
|
2472
|
+
}
|
|
2473
|
+
});
|
|
2445
2474
|
for (const step of steps) {
|
|
2446
2475
|
if (!hasPermissions(step.type)) {
|
|
2447
2476
|
continue;
|